<?php
/**
 * File: util.php
 * Author: Mihaela
 * Date: 11/1/2012
 * Modified By: Brian Gailis
 * Modified Date: 2012-11-07
 * Description: Utility functions.
 */

/**
 * Opens connection to the MySQL database server on the localhost,
 *   for the root account, with no password.
 * @return object $conn that has connection data.
 */
function connect( )
{
  //connect to the database server
  $conn = mysqli_connect("localhost", "root", "", "internship2career");

  //check connection
  if (mysqli_connect_errno( )) {
    exit("Failied to connect to MySQL" . mysqli_connect_error( ));
  }
  debug("Database connection" , mysqli_get_host_info($conn));
  return $conn;
}

/**
 * Calls var_dump( ) for parameter variable.
 * @param string $msg message outputted before exposing the parameter variable.
 * @param mixed $var has variable that's being examined.
 */
function debug($msg, $var)
{
  echo "DEBUG $msg: ";
  var_dump($var);
  echo "<br />";
}

/**
 * Prevents cross-site injection and SQL injection.
 * @param string $input has string entered by the user through a form
 * @return string $input has a modified string from which escaping
 *   symbols, '\' and quotation symbols have been removed (to prevent
 *   MySQL injection), and HTML tags have been converted to HTML entities.
 */
function sanitize($input)
{
  if (get_magic_quotes_gpc( )) {
    $input = stripslashes($input);
  }
  $input = mysql_real_escape_string($input);
  $input = htmlentities($input);
  return $input;
}
?>